I wanted to know if you can block a specific PC from accessing/surfing the internet. I don't want to block it from all internet access, but I don't want to have it surf. I don't want to use the local restrictions in the PC incase some one connects anther PC or laptop. Any help? thanks.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Blocking one PC from accessing internet sites
- Thread starter beckman68
- Start date
wrong forum.
But you need to set up something on the router or buy a third party software application.You could edit the local policy group on the PC admin level and apply it to a user.But you did not want to apply locally
Marshall
But you need to set up something on the router or buy a third party software application.You could edit the local policy group on the PC admin level and apply it to a user.But you did not want to apply locally
Marshall
- Thread starter
- #3
Wow, a user actually using a BCM as more then a phone system! cool, I thought this was a myth! Guess there is some truth to the "convergence" argument after all.
I believe you can go this from "Policy Management" - "IP Firewall filters".
Create an Outbound Filter rule and you should be able to restrict access to a destination port range (HTTP).
However it is by IP, so if you are using DHCP, then you will need to make a reservation for the PC to ensure it always gets the same IP address.
This is assuming the BCM is the gateway for the client PC.
I've only played with this, haven't done it. I gave up long ago on using the BCM for anything more then a Nortel Phone system.
Good Luck and forgive my cynicism.
I believe you can go this from "Policy Management" - "IP Firewall filters".
Create an Outbound Filter rule and you should be able to restrict access to a destination port range (HTTP).
However it is by IP, so if you are using DHCP, then you will need to make a reservation for the PC to ensure it always gets the same IP address.
This is assuming the BCM is the gateway for the client PC.
I've only played with this, haven't done it. I gave up long ago on using the BCM for anything more then a Nortel Phone system.
Good Luck and forgive my cynicism.
acewarlock
Technical User
beckman68 how do you connect to the internet to surf??? is there a way to do that????
I could not belive it myself that is why I thought you had the wrong forum.
Marshall
Marshall
beckman is trying to block internet access from a single computer. I believe he would have to block access to port 80 as an outbound rule and block by the PC's mac address.
This could also be done using IP address if in the DHCP server the IP address lease is reserved via mac address. It would actually be possible to do this in BCM. You would have to first create the reserved lease to the mac address. Then build an outgoing policy filter on port 80 to the reserved DHCP IP.
It is much easier using a decent router like the Sonicwall using content filtering and policies. But this is possible using the crappy firewall in the BCM.
This could also be done using IP address if in the DHCP server the IP address lease is reserved via mac address. It would actually be possible to do this in BCM. You would have to first create the reserved lease to the mac address. Then build an outgoing policy filter on port 80 to the reserved DHCP IP.
It is much easier using a decent router like the Sonicwall using content filtering and policies. But this is possible using the crappy firewall in the BCM.
Also, remember that there are only 32 configurable firewall options in the BCM. Those can get eaten up rather quickly depending on the site and security policies needed.
I'll side with aragon - for this application, I'd use a dedicated router/firewall designed for this type of app. I haven't used a Sonicwall, but the Contivity boxes do a good job at this.
I'll side with aragon - for this application, I'd use a dedicated router/firewall designed for this type of app. I haven't used a Sonicwall, but the Contivity boxes do a good job at this.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question
